@micahflee This is basically for the same reason: no validation on packets whatsoever. Packets that cause the key to be unimportable are clearly not RFC-compliant, but SKS still accepts those packets.

0
2

@micahflee Another SKS bug. Anyone can make a key unimportable: try `gpg --keyserver pgp.mit.edu --recv-keys 0x4F3F50786C401DCE`, it will fail. Also see pgp.mit.edu/pks/lookup?op=vind

1
3

@todd Welcome! I really like my Librem 13 so far :-)

0
0

Apparently, there is a tamper-resistant (unlike Tomu) free hardware U2F token. Unfortunately, firmware requires a proprietary tool for build.

u2fzero.com/
github.com/conorpp/u2f-zero

0
0

Reflashing my hardware GPG token (FST-01) with Gnuk 1.2.9 after a botched firmware upgrade :-(

Usually this requires a proprietary SWD debugger like ST-Link/V2. @gniibe@identi.ca has recently implemented bbg-swd, a SWD debugger on top of OpenOCD that runs on BeagleBoard devices using PRUSS (auxiliary real-time processors on TI SoCs).

I'm using PocketBeagle and some Dupont wires. Hope this would work without any soldering.

0
0

I am a NixOS developer and prism-break.org maintainer who feels strongly about free software, hardware, and society.

22
27
Mastodon

This page describes the mastodon.social instance - wondering what Mastodon is? Check out joinmastodon.org instead! In essence, Mastodon is a decentralized, open source social network. This is just one part of the network, run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!

Hero image by @b_cavello